Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt with an incorrect password, which makes it easier for remote attackers to guess the password by observing the connection state, a different vulnerability than CVE-2003-0190. NOTE: it could be argued that in most environments, this does not cross privilege boundaries without requiring leverage of a separate vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenSSH配置错误漏洞
Vulnerability Description
OpenSSH 3.5p1版本中的sshd存在漏洞。当PermitRootLogin被启用时,该漏洞在用正确密码尝试登录之后立即关闭TCP连接,但是用不正确的密码尝试之后会保持连接打开,远程攻击者可以更容易通过观察连接状态来猜测密码,该漏洞不同于CVE-2003-0190。
CVSS Information
N/A
Vulnerability Type
N/A